!541 fix CVE-2023-0266

Merge Pull Request from: @barry19901226 fix CVE-2023-0266 Link:https://gitee.com/openeuler/kernel/pulls/541 Reviewed-by: Zucheng Zheng <zhengzucheng@huawei.com> Reviewed-by: Jialin Zhang <zhangjialin11@huawei.com> Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>

!541 fix CVE-2023-0266
Merge Pull Request from: @barry19901226 fix CVE-2023-0266 Link:https://gitee.com/openeuler/kernel/pulls/541 Reviewed-by: Zucheng Zheng <zhengzucheng@huawei.com> Reviewed-by: Jialin Zhang <zhangjialin11@huawei.com> Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>
0a481a3e · openeuler-ci-bot · Gitee · 358a5fb9 · 7fae8c8b · 0a481a3e
隐藏空白更改
内联并排

Showing with 4 addition and 0 deletion

sound/core/control_compat.c sound/core/control_compat.c +4 -0

未找到文件。
--- a/sound/core/control_compat.c
+++ b/sound/core/control_compat.c
@@ -304,7 +304,9 @@ static int ctl_elem_read_user(struct snd_card *card,
 	err = snd_power_wait(card, SNDRV_CTL_POWER_D0);
 	if (err < 0)
 		goto error;
+	down_read(&card->controls_rwsem);
 	err = snd_ctl_elem_read(card, data);
+	up_read(&card->controls_rwsem);
 	if (err < 0)
 		goto error;
 	err = copy_ctl_value_to_user(userdata, valuep, data, type, count);
@@ -332,7 +334,9 @@ static int ctl_elem_write_user(struct snd_ctl_file *file,
 	err = snd_power_wait(card, SNDRV_CTL_POWER_D0);
 	if (err < 0)
 		goto error;
+	down_write(&card->controls_rwsem);
 	err = snd_ctl_elem_write(card, file, data);
+	up_write(&card->controls_rwsem);
 	if (err < 0)
 		goto error;
 	err = copy_ctl_value_to_user(userdata, valuep, data, type, count);